Senators Unveil Yet Another Flawed National ID Card Plan

Last Friday, Senators Charles Schumer (D-NY) and Lindsey Graham (R-SC) outlined a proposal for immigration reform. At the top of their immigration reform agenda? A national, biometric identification card for all workers, citizen or immigrant. From the article:

We would require all U.S. citizens and legal immigrants who want jobs to obtain a high-tech, fraud-proof Social Security card. Each card's unique biometric identifier would be stored only on the card; no government database would house everyone's information. The cards would not contain any private information, medical information or tracking devices. The card would be a high-tech version of the Social Security card that citizens already have.

This proposal should grit the teeth and narrow the eyes of anyone who has carefully considered the dangers of a national, biometric-carrying identification card scheme. Like other national ID proposals, this one seems to naively assume that technology and federalization can provide an across-the-board "upgrade" to existing identification schemes, when in reality it spawns a beastly tangle of complex issues. On the CATO@Liberty blog, Jim Harper dissects the many reasons why the national biometric ID plan is "gratuitous and punitive." EFF shares the view that the proposal is deeply problematic — unpacking each of the statements in the paragraph above reveals many pitfalls.

"We would require all U.S. citizens and legal immigrants who want jobs to obtain a high-tech, fraud-proof Social Security card." Unfortunately, "high-tech" and "fraud-proof" are far from synonymous. Technologies intended to keep information secure are regularly compromised — meaning that a permanent, national scheme will be breathtakingly expensive to develop and maintain securely. Moreover, any high-tech security would be rendered moot by the weakest link — the individuals who will be collecting data and issuing identification. Those individuals can make mistakes, and they may also allow and perpetuate fraud or identity theft. If, as the senators suggest, this card is to be a prerequisite to simply make a living, then there will be an extremely high demand for fraudulent documents, and "high-tech" itself won't stop forged, stolen, or "creatively obtained" documents from being circulated.

"Each card's unique biometric identifier would be stored only on the card; no government database would house everyone's information." The senators are wise to propose that no government database would house everyone's information — no government database should. But we're very skeptical that the government wouldn't later find it to be overwhelmingly convenient to collect the information (perhaps even to aid enforcement of the immigration regime itself). Indeed, it's hard to understand how the system would function properly without checking a large database (or set of databases) for matching a name to the biometric data. The Privacy Lives blog gives a simple example: imagine an fraudulent ID card with someone else's biometric data, but your name. To prevent this from happening, there would probably need to be a database of some kind to check for validity.

Biometrics raise a host of issues, especially in the national ID context. As security expert Bruce Schneier has noted, "[Biometrics] don't fail well. Passwords can be changed, but if someone copies your thumbprint, you're out of luck: you can't update your thumb. Passwords can be backed up, but if you alter your thumbprint in an accident, you're stuck."

Moreover, Schneier adds:

[B]iometrics are easy to steal. You leave your fingerprints everywhere you touch, your iris scan everywhere you look. Regularly, hackers have copied the prints of officials from objects they've touched, and posted them on the Internet. We haven't yet had an example of a large biometric database being hacked into, but the possibility is there. Biometrics are unique identifiers, but they're not secrets.

In any case, a federalized, mandatory identification scheme will be subject to mission creep from third parties. Because of the ID card's proposed universality, it will likely be requested and required by airlines, insurance agencies, health care providers, mortgage lenders, credit card companies, and so forth. Those databases will become yet another high value target for hackers or again, unscrupulous individuals with valid access, and if biometric identification becomes the norm, the cost of losing control of your biometric identity information will probably be greater than today's identity theft.

"The cards would not contain any private information, medical information or tracking devices." It's important that they're recognizing that radio frequency identification chips (or RFIDs), are a disaster for holding data intended to be private or secure. But let's be clear that a persistent identifier itself can be used for tracking. If third-party organizations wind up keeping track as we posit, then a simple subpoena or warrant could reveal when you got your job, when you signed up for a credit card, or when you started seeing a specialist physician. Simply put, the lack of a dedicated "tracking device" does not equate to a lack of tracking.

This proposal is particularly worrisome because the heated emotions around immigration reform might drown out rational considerations about the effectiveness and cost of a biometric national ID card, not to mention the dire affront to personal freedom presented by such a scheme. EFF will be keeping an eye out for more details, so stay tuned.

Since 2014, our digital security guide, Surveillance Self-Defense (SSD), has taught thousands of Internet users how to protect themselves from surveillance, with practical tutorials and advice on the best tools and expert-approved best practices. After hearing growing concerns among activists following the 2016 US presidential election, we pledged...

In the dead of night, the California Legislature shelved legislation that would have protected every Internet user in the state from having their data collected and sold by ISPs without their permission. By failing to pass A.B. 375, the legislature demonstrated that they put the profits of Verizon, AT&T, and...

As the days wind down for the California legislature to pass bills, transparency advocates have seen landmark measures fall by the wayside. Without explanation, an Assembly committee shelved legislation that would have shined light on police use of surveillance technologies, including a requirement that police departments seek approval from...

Now that California’s Broadband Privacy Bill, A.B. 375, is headed for a final vote in the California legislature, Comcast, Verizon, and all their allies are pulling out all the stops to try to convince state legislators to vote against the bill. Unfortunately, that includes telling legislators about made-up problems the...

Boston, Massachusetts—The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) sued the Department of Homeland Security (DHS) today on behalf of 11 travelers whose smartphones and laptops were searched without warrants at the U.S. border. The plaintiffs in the case are 10 U.S. citizens and...

Huge news for broadband privacy! A California bill that would restore many of the privacy protections that Congress stripped earlier this year is headed for a final vote this Friday,
The bill, A.B. 375, had languished in the Senate Rules Committee due to the efforts of AT&T, Comcast...

California lawmakers have until Sept. 15 to decide whose side they’re on: broadband consumers like you or giant cable and telephone companies like Comcast, AT&T, and Verizon. The matter at hand: A.B. 375, legislation from Assemblymember Ed Chau that would restore many of the privacy protections that Congress stripped earlier...

We are deeply disappointed to learn that a powerful surveillance transparency reform bill in California has died in the Assembly Appropriations committee today. S.B. 21 sought to hold police departments accountable by giving the public a voice in how law enforcement acquires and deploys new surveillance systems. The bill...

San Francisco, California—The Electronic Frontier Foundation (EFF) and the ACLU won a decision by the California Supreme Court that the license plate data of millions of law-abiding drivers, collected indiscriminately by police across the state, are not “investigative records” that law enforcement can keep secret. California’s highest court...